Crypto Clipper Campaign Abuses Fake Reviews, AI Narrators, and VirusTotal Comments
Ravie LakshmananJun 17, 2026Malware / Social Engineering An unknown threat actor has been observed leveraging paid or promoted posts on...
actor
Nintendo Alleged Data Breach: Threat Actor Demands $2M Ransom
Nintendo is facing a potential incident after a threat actor claimed to have stolen nearly a decade’s worth of internal...
PCPJack Hijacks 230 AWS, Google Cloud, and Azure Servers for Covert SMTP Relay Network
Ravie LakshmananJun 05, 2026Threat Intelligence / Cloud Security The threat actor known as PCPJack has hijacked cloud servers associated with...
Pointing a Cursor at evading detection
Sophos X-Ops analysts observed a threat actor using artificial intelligence (AI) technologies to test endpoint detection and response (EDR) evasion...
Pointing a Cursor at evading detection
Sophos X-Ops analysts observed a threat actor using artificial intelligence (AI) technologies to test endpoint detection and response (EDR) evasion...
Attackers Use LLM Agent for Post-Exploitation After Marimo CVE-2026-39987 Exploit
Ravie LakshmananMay 29, 2026Vulnerability / Artificial Intelligence An unknown threat actor has been observed using a large language model (LLM)...
New Russian-Linked GREYVIBE Targets Ukraine with AI-Powered Cyberattacks
Ravie LakshmananMay 29, 2026Cyber Espionage / Artificial Intelligence A previously undocumented threat actor dubbed GREYVIBE has been attributed to ongoing...
Kimsuky Deploys HTTPSpy, Expands Arsenal with HelloDoor and VS Code Tunnels
The North Korean state-sponsored threat actor known as Kimsuky (aka Velvet Chollima) has been attributed to a fresh set of...
Iranian Hackers Deploy MiniFast and MiniJunk V2 via Phishing and SEO Poisoning
The Iranian state-sponsored threat actor known as Nimbus Manticore (aka Screening Serpens and UNC1549) has been attributed to a fresh...
Ghostwriter Targets Ukraine Government Entities with Prometheus Phishing Malware
Ravie LakshmananMay 22, 2026Malware / Artificial Intelligence The Belarus-aligned threat actor known as Ghostwriter (aka UAC-0057 and UNC1151Ukraine's National Security...
Webworm Deploys EchoCreep and GraphWorm Backdoors Using Discord and MS Graph API
Cybersecurity researchers have flagged fresh activity from a China-aligned threat actor known as Webworm in 2025, deploying custom backdoors that...
Azerbaijani Energy Firm Hit by Repeated Microsoft Exchange Exploitation
Ravie LakshmananMay 13, 2026Cyber Espionage / Malware A threat actor with affiliations to China has been linked to a "multi-wave...
Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages
TeamPCP, the threat actor behind the recent supply chain attack spree, has been linked to the compromise of the npm and...
cPanel CVE-2026-41940 Under Active Exploitation to Deploy Filemanager Backdoor
Ravie LakshmananMay 11, 2026Vulnerability / Ransomware A threat actor named Mr_Rot13 has been attributed to the exploitation of a recently...
Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation
Google on Monday disclosed that it identified an unknown threat actor using a zero-day exploit that it said was likely...
